Support specifying ssl_password_file for nginx
What does this MR do?
Support specifying ssl_password_file in nginx conf
Testing
- Deploy GitLab instance using HTTP
- Create self-signed certificate for the GitLab FQDN with a private (encrypted) key
- Edit
gitlab.rb
to change GitLab instance to use HTTPS with this self-signed certificate and runsudo gitlab-ctl reconfigure
- Try accessing GitLab instance and see it fails
- Create
/etc/gitlab/ssl/nginx_password_file
with the passphrase to the SSL key - Edit
/etc/gitlab/gitlab/rb
and appendnginx['ssl_password_file'] = '/etc/gitlab/ssl/nginx_password_file'
to it and runsudo gitlab-ctl reconfigure
- Run
sudo gitlab-ctl tail nginx
and see thatnginx
is now running fine. - Try accessing GitLab instance from another machine and see certificate works
Related issues
Closes #4181 (closed)
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion
Required
-
Merge Request Title, and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com -
Pipeline is green on dev.gitlab.org if the change is touching anything besides documentation or internal cookbooks -
trigger-package
has a green pipeline running against latest commit
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA -
Equivalent MR/issue for the GitLab Chart opened
Edited by Balasankar 'Balu' C